<?php
class AuthComponent extends Object 
{
	var $components = array('Session');
	var $sesskey    = 'logged';
	//possible values for $options
	//METHOD: hardcoded,  USERNAME: the username you want, PASSWORD: the password yout want;
	var $options = array();

	function initiate($method, $params)
	{
		$this->options['method'] = $method;
		switch ($method) {
		 	case 'hardcoded':
				$this->options['username'] = $params['username'];
				$this->options['password'] = sha1(T_SALT . $params['password']);
				break;
			case 'database':
				$this->options['usersTable'] = $params['table'];
				break;
			case 'file':
				$this->options['fileName'] = $params['fileName'];
				break;
			default: break;
		}
	}

	function checkCredentials($username, $password)
	{
		switch ($this->options['method']) {
			case 'hardcoded':
				if ($username == $this->options['username']) {
					$vect_pass = explode(':',$this->options['password']);
					if(count($vect_pass)!=2) return false; 
					else {
						$salt = $vect_pass[1];
						if($md5($salt.$password) === $vect_pass[0]) return true;
						else return false;
					}	
				}
				break;
			case 'database':
				$QUERY_STRING = "SELECT `admin_name`, `admin_pass`
								FROM {$this->options['usersTable']}
								WHERE `admin_name` = trim('{$username}')";
				$admin_pass = "";$res = array();		
				$result = mysql_query($QUERY_STRING);
				while($res = mysql_fetch_assoc($result)){
					$admin_pass = $res['admin_pass'];
				};				
				$vect_pass = explode(':',$admin_pass);
				if(count($vect_pass)!=2) return false; 
				else {
					$salt = $vect_pass[1];
					if(md5($salt.$password) === $vect_pass[0]) return true;
					else return false;
				}
				break;
			case 'file':
				//????????? trebuie verificat!!!!!!
				//sa scrie pe linii diferite fiecare user si parola: "user parola"
				if($handle = fopen($this->options['fileName'], "r"))
				{
					while(!feof($handle))
					{
						$info = fgets($handle);
						$arrayInfo = explode($info," ");
						if($arrayInfo[0] == $username) {
							$vect_pass = explode(':',$arrayInfo[1]);
							if(count($vect_pass)!=2) return false; 
							else {
								$salt = $vect_pass[1];
								if($md5($salt.$password) === $vect_pass[0]) return true;
								else return false;
							}	
		 				}	
					}	
				}
			default:
				return false;
				break;
		}
		
		return false;
	}
	
	function login($username, $password)
	{
		if ($this->checkCredentials($username, $password))
		{
			$this->Session->write($this->sesskey,'logged');
			return true;
		} else {
			return false;
		}
	}

	function isLoggedIn()
	{
		return $this->Session->check($this->sesskey);
	}

	function logout()
	{
		$this->Session->delete($this->sesskey);
	}
	
	//generate salt
 	function createRandomValue($length, $type = 'mixed') {
	    if ( ($type != 'mixed') && ($type != 'chars') && ($type != 'digits')) return false;
	    $rand_value = '';
	    while (strlen($rand_value) < $length) {
	      if ($type == 'digits') {
	        $char = rand(0,9);
	      } else {
	        $char = chr(rand(0,255));
	      }
	      if ($type == 'mixed') {
	        if (eregi('^[a-z0-9]$', $char)) $rand_value .= $char;
	      } elseif ($type == 'chars') {
	        if (eregi('^[a-z]$', $char)) $rand_value .= $char;
	      } elseif ($type == 'digits') {
	        if (ereg('^[0-9]$', $char)) $rand_value .= $char;
	      }
	    }
	    return $rand_value;
	}
}